s3_lib.c 33.6 KB
Newer Older
1
/* ssl/s3_lib.c */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
B
Bodo Möller 已提交
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110
/* ====================================================================
 * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
111 112

#include <stdio.h>
U
Ulf Möller 已提交
113 114
#include <openssl/md5.h>
#include <openssl/sha.h>
115
#include <openssl/objects.h>
116 117
#include "ssl_locl.h"

B
Ben Laurie 已提交
118
const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
119 120 121 122

#define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))

static long ssl3_default_timeout(void );
U
Ulf Möller 已提交
123

B
Bodo Möller 已提交
124
OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
125 126 127 128 129 130
/* The RSA ciphers */
/* Cipher 01 */
	{
	1,
	SSL3_TXT_RSA_NULL_MD5,
	SSL3_CK_RSA_NULL_MD5,
131 132 133 134
	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
	SSL_NOT_EXP,
	0,
	0,
135 136
	0,
	SSL_ALL_CIPHERS,
137
	SSL_ALL_STRENGTHS,
138 139 140 141 142 143
	},
/* Cipher 02 */
	{
	1,
	SSL3_TXT_RSA_NULL_SHA,
	SSL3_CK_RSA_NULL_SHA,
144 145 146 147
	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP,
	0,
	0,
148 149
	0,
	SSL_ALL_CIPHERS,
150
	SSL_ALL_STRENGTHS,
151 152 153 154 155 156 157 158
	},

/* anon DH */
/* Cipher 17 */
	{
	1,
	SSL3_TXT_ADH_RC4_40_MD5,
	SSL3_CK_ADH_RC4_40_MD5,
159 160
	SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
161
	0,
162 163
	40,
	128,
164
	SSL_ALL_CIPHERS,
165
	SSL_ALL_STRENGTHS,
166 167 168 169 170 171
	},
/* Cipher 18 */
	{
	1,
	SSL3_TXT_ADH_RC4_128_MD5,
	SSL3_CK_ADH_RC4_128_MD5,
172 173
	SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
	SSL_NOT_EXP,
174
	0,
175 176
	128,
	128,
177
	SSL_ALL_CIPHERS,
178
	SSL_ALL_STRENGTHS,
179 180 181 182 183 184
	},
/* Cipher 19 */
	{
	1,
	SSL3_TXT_ADH_DES_40_CBC_SHA,
	SSL3_CK_ADH_DES_40_CBC_SHA,
185 186
	SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
187
	0,
188 189
	40,
	128,
190
	SSL_ALL_CIPHERS,
191
	SSL_ALL_STRENGTHS,
192 193 194 195 196 197
	},
/* Cipher 1A */
	{
	1,
	SSL3_TXT_ADH_DES_64_CBC_SHA,
	SSL3_CK_ADH_DES_64_CBC_SHA,
198 199
	SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP,
200
	0,
201 202
	56,
	56,
203
	SSL_ALL_CIPHERS,
204
	SSL_ALL_STRENGTHS,
205 206 207 208
	},
/* Cipher 1B */
	{
	1,
209 210
	SSL3_TXT_ADH_DES_192_CBC_SHA,
	SSL3_CK_ADH_DES_192_CBC_SHA,
211 212
	SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP,
213
	0,
214 215
	168,
	168,
216
	SSL_ALL_CIPHERS,
217
	SSL_ALL_STRENGTHS,
218 219 220 221 222 223 224 225
	},

/* RSA again */
/* Cipher 03 */
	{
	1,
	SSL3_TXT_RSA_RC4_40_MD5,
	SSL3_CK_RSA_RC4_40_MD5,
226 227
	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
228
	0,
229 230
	40,
	128,
231
	SSL_ALL_CIPHERS,
232
	SSL_ALL_STRENGTHS,
233 234 235 236 237 238
	},
/* Cipher 04 */
	{
	1,
	SSL3_TXT_RSA_RC4_128_MD5,
	SSL3_CK_RSA_RC4_128_MD5,
239 240
	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
	SSL_NOT_EXP|SSL_MEDIUM,
241
	0,
242 243
	128,
	128,
244
	SSL_ALL_CIPHERS,
245
	SSL_ALL_STRENGTHS,
246 247 248 249 250 251
	},
/* Cipher 05 */
	{
	1,
	SSL3_TXT_RSA_RC4_128_SHA,
	SSL3_CK_RSA_RC4_128_SHA,
252 253
	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_MEDIUM,
254
	0,
255 256
	128,
	128,
257
	SSL_ALL_CIPHERS,
258
	SSL_ALL_STRENGTHS,
259 260 261 262 263 264
	},
/* Cipher 06 */
	{
	1,
	SSL3_TXT_RSA_RC2_40_MD5,
	SSL3_CK_RSA_RC2_40_MD5,
265 266
	SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
267
	0,
268 269
	40,
	128,
270
	SSL_ALL_CIPHERS,
271
	SSL_ALL_STRENGTHS,
272 273 274 275 276 277
	},
/* Cipher 07 */
	{
	1,
	SSL3_TXT_RSA_IDEA_128_SHA,
	SSL3_CK_RSA_IDEA_128_SHA,
278 279
	SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_MEDIUM,
280
	0,
281 282
	128,
	128,
283
	SSL_ALL_CIPHERS,
284
	SSL_ALL_STRENGTHS,
285 286 287 288 289 290
	},
/* Cipher 08 */
	{
	1,
	SSL3_TXT_RSA_DES_40_CBC_SHA,
	SSL3_CK_RSA_DES_40_CBC_SHA,
291 292
	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
293
	0,
294 295
	40,
	56,
296
	SSL_ALL_CIPHERS,
297
	SSL_ALL_STRENGTHS,
298 299 300 301 302 303
	},
/* Cipher 09 */
	{
	1,
	SSL3_TXT_RSA_DES_64_CBC_SHA,
	SSL3_CK_RSA_DES_64_CBC_SHA,
304 305
	SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_LOW,
306
	0,
307 308
	56,
	56,
309
	SSL_ALL_CIPHERS,
310
	SSL_ALL_STRENGTHS,
311 312 313 314 315 316
	},
/* Cipher 0A */
	{
	1,
	SSL3_TXT_RSA_DES_192_CBC3_SHA,
	SSL3_CK_RSA_DES_192_CBC3_SHA,
317 318
	SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
319
	0,
320 321
	168,
	168,
322
	SSL_ALL_CIPHERS,
323
	SSL_ALL_STRENGTHS,
324 325 326 327 328 329 330 331
	},

/*  The DH ciphers */
/* Cipher 0B */
	{
	0,
	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
332 333
	SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
334
	0,
335 336
	40,
	56,
337
	SSL_ALL_CIPHERS,
338
	SSL_ALL_STRENGTHS,
339 340 341 342 343 344
	},
/* Cipher 0C */
	{
	0,
	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
345 346
	SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_LOW,
347
	0,
348 349
	56,
	56,
350
	SSL_ALL_CIPHERS,
351
	SSL_ALL_STRENGTHS,
352 353 354 355 356 357
	},
/* Cipher 0D */
	{
	0,
	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
358 359
	SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
360
	0,
361 362
	168,
	168,
363
	SSL_ALL_CIPHERS,
364
	SSL_ALL_STRENGTHS,
365 366 367 368 369 370
	},
/* Cipher 0E */
	{
	0,
	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
371 372
	SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
373
	0,
374 375
	40,
	56,
376
	SSL_ALL_CIPHERS,
377
	SSL_ALL_STRENGTHS,
378 379 380 381 382 383
	},
/* Cipher 0F */
	{
	0,
	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
384 385
	SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_LOW,
386
	0,
387 388
	56,
	56,
389
	SSL_ALL_CIPHERS,
390
	SSL_ALL_STRENGTHS,
391 392 393 394 395 396
	},
/* Cipher 10 */
	{
	0,
	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
397 398
	SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
399
	0,
400 401
	168,
	168,
402
	SSL_ALL_CIPHERS,
403
	SSL_ALL_STRENGTHS,
404 405 406 407 408 409 410 411
	},

/* The Ephemeral DH ciphers */
/* Cipher 11 */
	{
	1,
	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
412 413
	SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
414
	0,
415 416
	40,
	56,
417
	SSL_ALL_CIPHERS,
418
	SSL_ALL_STRENGTHS,
419 420 421 422 423 424
	},
/* Cipher 12 */
	{
	1,
	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
425 426
	SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_LOW,
427
	0,
428 429
	56,
	56,
430
	SSL_ALL_CIPHERS,
431
	SSL_ALL_STRENGTHS,
432 433 434 435 436 437
	},
/* Cipher 13 */
	{
	1,
	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
438 439
	SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
440
	0,
441 442
	168,
	168,
443
	SSL_ALL_CIPHERS,
444
	SSL_ALL_STRENGTHS,
445 446 447 448 449 450
	},
/* Cipher 14 */
	{
	1,
	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
451 452
	SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
453
	0,
454 455
	40,
	56,
456
	SSL_ALL_CIPHERS,
457
	SSL_ALL_STRENGTHS,
458 459 460 461 462 463
	},
/* Cipher 15 */
	{
	1,
	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
464 465
	SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_LOW,
466
	0,
467 468
	56,
	56,
469
	SSL_ALL_CIPHERS,
470
	SSL_ALL_STRENGTHS,
471 472 473 474 475 476
	},
/* Cipher 16 */
	{
	1,
	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
477 478
	SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
479
	0,
480 481
	168,
	168,
482
	SSL_ALL_CIPHERS,
483
	SSL_ALL_STRENGTHS,
484 485 486 487 488 489 490 491
	},

/* Fortezza */
/* Cipher 1C */
	{
	0,
	SSL3_TXT_FZA_DMS_NULL_SHA,
	SSL3_CK_FZA_DMS_NULL_SHA,
492 493 494 495
	SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP,
	0,
	0,
496 497
	0,
	SSL_ALL_CIPHERS,
498
	SSL_ALL_STRENGTHS,
499 500 501 502 503 504 505
	},

/* Cipher 1D */
	{
	0,
	SSL3_TXT_FZA_DMS_FZA_SHA,
	SSL3_CK_FZA_DMS_FZA_SHA,
506 507 508 509
	SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP,
	0,
	0,
510 511
	0,
	SSL_ALL_CIPHERS,
512
	SSL_ALL_STRENGTHS,
513 514 515 516 517 518 519
	},

/* Cipher 1E */
	{
	0,
	SSL3_TXT_FZA_DMS_RC4_SHA,
	SSL3_CK_FZA_DMS_RC4_SHA,
520 521
	SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
	SSL_NOT_EXP,
522
	0,
523 524
	128,
	128,
525
	SSL_ALL_CIPHERS,
526
	SSL_ALL_STRENGTHS,
527 528
	},

529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617
#ifndef NO_KRB5
/* The Kerberos ciphers
** 20000107 VRS: And the first shall be last,
** in hopes of avoiding the lynx ssl renegotiation problem.
*/
/* Cipher 21 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_40_CBC_SHA,
	SSL3_CK_KRB5_DES_40_CBC_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	0,
	40,
	56,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 22 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_40_CBC_MD5,
	SSL3_CK_KRB5_DES_40_CBC_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	0,
	40,
	56,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 23 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_64_CBC_SHA,
	SSL3_CK_KRB5_DES_64_CBC_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
	SSL_NOT_EXP|SSL_LOW,
	0,
	56,
	56,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 24 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_64_CBC_MD5,
	SSL3_CK_KRB5_DES_64_CBC_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
	SSL_NOT_EXP|SSL_LOW,
	0,
	56,
	56,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 25 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
	SSL3_CK_KRB5_DES_192_CBC3_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
	0,
	112,
	168,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 26 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
	SSL3_CK_KRB5_DES_192_CBC3_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
	0,
	112,
	168,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},
#endif	/* NO_KRB5 */
D
 
Dr. Stephen Henson 已提交
618 619


B
Ben Laurie 已提交
620
#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
621 622 623 624
	/* New TLS Export CipherSuites */
	/* Cipher 60 */
	    {
	    1,
625 626
	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
627 628
	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
	    SSL_EXPORT|SSL_EXP56,
629
	    0,
630 631 632 633
	    56,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
634 635 636 637
	    },
	/* Cipher 61 */
	    {
	    1,
638 639
	    TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
	    TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
640 641
	    SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
	    SSL_EXPORT|SSL_EXP56,
642
	    0,
643 644 645 646
	    56,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
647 648 649 650
	    },
	/* Cipher 62 */
	    {
	    1,
651 652
	    TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
	    TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
653 654
	    SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
	    SSL_EXPORT|SSL_EXP56,
655
	    0,
656 657 658 659
	    56,
	    56,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
660
	    },
661 662 663 664 665
	/* Cipher 63 */
	    {
	    1,
	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
666 667
	    SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
	    SSL_EXPORT|SSL_EXP56,
668
	    0,
669 670 671 672
	    56,
	    56,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
673 674 675 676 677 678
	    },
	/* Cipher 64 */
	    {
	    1,
	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
679 680
	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
	    SSL_EXPORT|SSL_EXP56,
681
	    0,
682 683 684 685
	    56,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
686 687 688 689 690 691
	    },
	/* Cipher 65 */
	    {
	    1,
	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
692 693
	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
	    SSL_EXPORT|SSL_EXP56,
694
	    0,
695 696 697 698
	    56,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
699 700 701 702 703 704 705
	    },
	/* Cipher 66 */
	    {
	    1,
	    TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
	    TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
706
	    SSL_NOT_EXP,
707
	    0,
708 709 710 711
	    128,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS
712
	    },
D
 
Dr. Stephen Henson 已提交
713 714 715 716
#endif
	/* New AES ciphersuites */

	/* Cipher 2F */
717 718
	    {
	    1,
D
 
Dr. Stephen Henson 已提交
719 720 721 722
	    TLS1_TXT_RSA_WITH_AES_128_SHA,
	    TLS1_CK_RSA_WITH_AES_128_SHA,
	    SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
	    SSL_NOT_EXP|SSL_MEDIUM,
723 724 725 726 727 728
	    0,
	    128,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
D
 
Dr. Stephen Henson 已提交
729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872
	/* Cipher 30 */
	    {
	    0,
	    TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
	    TLS1_CK_DH_DSS_WITH_AES_128_SHA,
	    SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_MEDIUM,
	    0,
	    128,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 31 */
	    {
	    0,
	    TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
	    TLS1_CK_DH_RSA_WITH_AES_128_SHA,
	    SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_MEDIUM,
	    0,
	    128,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 32 */
	    {
	    1,
	    TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
	    TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
	    SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_MEDIUM,
	    0,
	    128,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 33 */
	    {
	    1,
	    TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
	    TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
	    SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_MEDIUM,
	    0,
	    128,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 34 */
	    {
	    1,
	    TLS1_TXT_ADH_WITH_AES_128_SHA,
	    TLS1_CK_ADH_WITH_AES_128_SHA,
	    SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_MEDIUM,
	    0,
	    128,
	    128,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },

	/* Cipher 35 */
	    {
	    1,
	    TLS1_TXT_RSA_WITH_AES_256_SHA,
	    TLS1_CK_RSA_WITH_AES_256_SHA,
	    SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
	    SSL_NOT_EXP|SSL_HIGH,
	    0,
	    256,
	    256,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 36 */
	    {
	    0,
	    TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
	    TLS1_CK_DH_DSS_WITH_AES_256_SHA,
	    SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_HIGH,
	    0,
	    256,
	    256,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 37 */
	    {
	    0,
	    TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
	    TLS1_CK_DH_RSA_WITH_AES_256_SHA,
	    SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_HIGH,
	    0,
	    256,
	    256,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 38 */
	    {
	    1,
	    TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
	    TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
	    SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_HIGH,
	    0,
	    256,
	    256,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 39 */
	    {
	    1,
	    TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
	    TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
	    SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_HIGH,
	    0,
	    256,
	    256,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
	/* Cipher 3A */
	    {
	    1,
	    TLS1_TXT_ADH_WITH_AES_256_SHA,
	    TLS1_CK_ADH_WITH_AES_256_SHA,
	    SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
	    SSL_NOT_EXP|SSL_HIGH,
	    0,
	    256,
	    256,
	    SSL_ALL_CIPHERS,
	    SSL_ALL_STRENGTHS,
	    },
873

874 875 876
/* end of list */
	};

877 878 879 880 881 882 883 884 885 886 887 888 889 890
static SSL3_ENC_METHOD SSLv3_enc_data={
	ssl3_enc,
	ssl3_mac,
	ssl3_setup_key_block,
	ssl3_generate_master_secret,
	ssl3_change_cipher_state,
	ssl3_final_finish_mac,
	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
	ssl3_cert_verify_mac,
	SSL3_MD_CLIENT_FINISHED_CONST,4,
	SSL3_MD_SERVER_FINISHED_CONST,4,
	ssl3_alert_code,
	};

891
static SSL_METHOD SSLv3_data= {
892
	SSL3_VERSION,
893 894 895 896 897 898 899 900 901 902
	ssl3_new,
	ssl3_clear,
	ssl3_free,
	ssl_undefined_function,
	ssl_undefined_function,
	ssl3_read,
	ssl3_peek,
	ssl3_write,
	ssl3_shutdown,
	ssl3_renegotiate,
903
	ssl3_renegotiate_check,
904 905 906 907 908 909 910 911 912
	ssl3_ctrl,
	ssl3_ctx_ctrl,
	ssl3_get_cipher_by_char,
	ssl3_put_cipher_by_char,
	ssl3_pending,
	ssl3_num_ciphers,
	ssl3_get_cipher,
	ssl_bad_method,
	ssl3_default_timeout,
913
	&SSLv3_enc_data,
914 915 916
	ssl_undefined_function,
	ssl3_callback_ctrl,
	ssl3_ctx_callback_ctrl,
917 918
	};

U
Ulf Möller 已提交
919
static long ssl3_default_timeout(void)
920 921 922 923 924 925
	{
	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
	 * is way too long for http, the cache would over fill */
	return(60*60*2);
	}

U
Ulf Möller 已提交
926
SSL_METHOD *sslv3_base_method(void)
927 928 929 930
	{
	return(&SSLv3_data);
	}

U
Ulf Möller 已提交
931
int ssl3_num_ciphers(void)
932 933 934 935
	{
	return(SSL3_NUM_CIPHERS);
	}

U
Ulf Möller 已提交
936
SSL_CIPHER *ssl3_get_cipher(unsigned int u)
937 938 939 940 941 942 943
	{
	if (u < SSL3_NUM_CIPHERS)
		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
	else
		return(NULL);
	}

U
Ulf Möller 已提交
944
int ssl3_pending(SSL *s)
945
	{
B
Bodo Möller 已提交
946
	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
947 948
	}

U
Ulf Möller 已提交
949
int ssl3_new(SSL *s)
950
	{
951
	SSL3_STATE *s3;
952

953
	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
954
	memset(s3,0,sizeof *s3);
955 956 957

	s->s3=s3;

958
	s->method->ssl_clear(s);
959 960 961 962 963
	return(1);
err:
	return(0);
	}

U
Ulf Möller 已提交
964
void ssl3_free(SSL *s)
965
	{
B
Ben Laurie 已提交
966 967 968
	if(s == NULL)
	    return;

969 970
	ssl3_cleanup_key_block(s);
	if (s->s3->rbuf.buf != NULL)
971
		OPENSSL_free(s->s3->rbuf.buf);
972
	if (s->s3->wbuf.buf != NULL)
973
		OPENSSL_free(s->s3->wbuf.buf);
974
	if (s->s3->rrec.comp != NULL)
975
		OPENSSL_free(s->s3->rrec.comp);
976 977 978 979 980
#ifndef NO_DH
	if (s->s3->tmp.dh != NULL)
		DH_free(s->s3->tmp.dh);
#endif
	if (s->s3->tmp.ca_names != NULL)
B
Ben Laurie 已提交
981
		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
982
	memset(s->s3,0,sizeof *s->s3);
983
	OPENSSL_free(s->s3);
984 985 986
	s->s3=NULL;
	}

U
Ulf Möller 已提交
987
void ssl3_clear(SSL *s)
988 989 990 991 992
	{
	unsigned char *rp,*wp;

	ssl3_cleanup_key_block(s);
	if (s->s3->tmp.ca_names != NULL)
B
Ben Laurie 已提交
993
		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
994

995 996
	if (s->s3->rrec.comp != NULL)
		{
997
		OPENSSL_free(s->s3->rrec.comp);
998 999
		s->s3->rrec.comp=NULL;
		}
B
Bodo Möller 已提交
1000 1001 1002 1003
#ifndef NO_DH
	if (s->s3->tmp.dh != NULL)
		DH_free(s->s3->tmp.dh);
#endif
1004

1005 1006 1007
	rp=s->s3->rbuf.buf;
	wp=s->s3->wbuf.buf;

1008
	memset(s->s3,0,sizeof *s->s3);
1009 1010
	if (rp != NULL) s->s3->rbuf.buf=rp;
	if (wp != NULL) s->s3->wbuf.buf=wp;
1011

1012
	ssl_free_wbio_buffer(s);
1013

1014
	s->packet_length=0;
1015 1016 1017 1018 1019
	s->s3->renegotiate=0;
	s->s3->total_renegotiations=0;
	s->s3->num_renegotiations=0;
	s->s3->in_read_app_data=0;
	s->version=SSL3_VERSION;
1020 1021
	}

U
Ulf Möller 已提交
1022
long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
1023
	{
1024 1025
	int ret=0;

1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037
#if !defined(NO_DSA) || !defined(NO_RSA)
	if (
#ifndef NO_RSA
	    cmd == SSL_CTRL_SET_TMP_RSA ||
	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
#endif
#ifndef NO_DSA
	    cmd == SSL_CTRL_SET_TMP_DH ||
	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
#endif
		0)
		{
1038
		if (!ssl_cert_inst(&s->cert))
1039 1040 1041 1042 1043 1044 1045
		    	{
			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
			return(0);
			}
		}
#endif

1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062
	switch (cmd)
		{
	case SSL_CTRL_GET_SESSION_REUSED:
		ret=s->hit;
		break;
	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
		break;
	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
		ret=s->s3->num_renegotiations;
		break;
	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
		ret=s->s3->num_renegotiations;
		s->s3->num_renegotiations=0;
		break;
	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
		ret=s->s3->total_renegotiations;
		break;
1063
	case SSL_CTRL_GET_FLAGS:
1064
		ret=(int)(s->s3->flags);
1065
		break;
1066 1067 1068 1069 1070 1071 1072 1073 1074 1075
#ifndef NO_RSA
	case SSL_CTRL_NEED_TMP_RSA:
		if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
		    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
		     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
			ret = 1;
		break;
	case SSL_CTRL_SET_TMP_RSA:
		{
			RSA *rsa = (RSA *)parg;
1076 1077
			if (rsa == NULL)
				{
1078 1079
				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
				return(ret);
1080 1081 1082
				}
			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
				{
1083 1084
				SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
				return(ret);
1085
				}
1086 1087 1088 1089 1090 1091 1092
			if (s->cert->rsa_tmp != NULL)
				RSA_free(s->cert->rsa_tmp);
			s->cert->rsa_tmp = rsa;
			ret = 1;
		}
		break;
	case SSL_CTRL_SET_TMP_RSA_CB:
1093
		{
1094 1095
		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
		return(ret);
1096
		}
1097 1098 1099 1100 1101 1102
		break;
#endif
#ifndef NO_DH
	case SSL_CTRL_SET_TMP_DH:
		{
			DH *dh = (DH *)parg;
1103 1104
			if (dh == NULL)
				{
1105 1106
				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
				return(ret);
1107 1108 1109
				}
			if ((dh = DHparams_dup(dh)) == NULL)
				{
1110 1111
				SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
				return(ret);
1112 1113 1114 1115 1116 1117 1118 1119 1120 1121
				}
			if (!(s->options & SSL_OP_SINGLE_DH_USE))
				{
				if (!DH_generate_key(dh))
					{
					DH_free(dh);
					SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
					return(ret);
					}
				}
1122 1123 1124 1125 1126 1127 1128
			if (s->cert->dh_tmp != NULL)
				DH_free(s->cert->dh_tmp);
			s->cert->dh_tmp = dh;
			ret = 1;
		}
		break;
	case SSL_CTRL_SET_TMP_DH_CB:
1129
		{
1130 1131 1132 1133 1134 1135 1136 1137 1138 1139
		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
		return(ret);
		}
		break;
#endif
	default:
		break;
		}
	return(ret);
	}
1140

1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155
long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
	{
	int ret=0;

#if !defined(NO_DSA) || !defined(NO_RSA)
	if (
#ifndef NO_RSA
	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
#endif
#ifndef NO_DSA
	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
#endif
		0)
		{
		if (!ssl_cert_inst(&s->cert))
1156
			{
1157
			SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175
			return(0);
			}
		}
#endif

	switch (cmd)
		{
#ifndef NO_RSA
	case SSL_CTRL_SET_TMP_RSA_CB:
		{
		s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
		}
		break;
#endif
#ifndef NO_DH
	case SSL_CTRL_SET_TMP_DH_CB:
		{
		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1176
		}
1177 1178
		break;
#endif
1179 1180 1181 1182
	default:
		break;
		}
	return(ret);
1183 1184
	}

U
Ulf Möller 已提交
1185
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
1186 1187 1188
	{
	CERT *cert;

1189
	cert=ctx->cert;
1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201

	switch (cmd)
		{
#ifndef NO_RSA
	case SSL_CTRL_NEED_TMP_RSA:
		if (	(cert->rsa_tmp == NULL) &&
			((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
			 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
			)
			return(1);
		else
			return(0);
1202
		/* break; */
1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229
	case SSL_CTRL_SET_TMP_RSA:
		{
		RSA *rsa;
		int i;

		rsa=(RSA *)parg;
		i=1;
		if (rsa == NULL)
			i=0;
		else
			{
			if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
				i=0;
			}
		if (!i)
			{
			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
			return(0);
			}
		else
			{
			if (cert->rsa_tmp != NULL)
				RSA_free(cert->rsa_tmp);
			cert->rsa_tmp=rsa;
			return(1);
			}
		}
1230
		/* break; */
1231
	case SSL_CTRL_SET_TMP_RSA_CB:
1232
		{
1233 1234
		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
		return(0);
1235
		}
1236 1237 1238 1239 1240 1241 1242 1243
		break;
#endif
#ifndef NO_DH
	case SSL_CTRL_SET_TMP_DH:
		{
		DH *new=NULL,*dh;

		dh=(DH *)parg;
1244
		if ((new=DHparams_dup(dh)) == NULL)
1245 1246
			{
			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1247
			return 0;
1248
			}
1249
		if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1250
			{
1251 1252 1253 1254 1255 1256
			if (!DH_generate_key(new))
				{
				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
				DH_free(new);
				return 0;
				}
1257
			}
1258 1259 1260 1261
		if (cert->dh_tmp != NULL)
			DH_free(cert->dh_tmp);
		cert->dh_tmp=new;
		return 1;
1262
		}
1263
		/*break; */
1264
	case SSL_CTRL_SET_TMP_DH_CB:
1265
		{
1266 1267
		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
		return(0);
1268
		}
1269 1270
		break;
#endif
1271
	/* A Thawte special :-) */
1272 1273 1274
	case SSL_CTRL_EXTRA_CHAIN_CERT:
		if (ctx->extra_certs == NULL)
			{
B
Ben Laurie 已提交
1275
			if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1276 1277
				return(0);
			}
B
Ben Laurie 已提交
1278
		sk_X509_push(ctx->extra_certs,(X509 *)parg);
1279 1280
		break;

1281 1282 1283 1284 1285 1286
	default:
		return(0);
		}
	return(1);
	}

1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314
long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
	{
	CERT *cert;

	cert=ctx->cert;

	switch (cmd)
		{
#ifndef NO_RSA
	case SSL_CTRL_SET_TMP_RSA_CB:
		{
		cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
		}
		break;
#endif
#ifndef NO_DH
	case SSL_CTRL_SET_TMP_DH_CB:
		{
		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
		}
		break;
#endif
	default:
		return(0);
		}
	return(1);
	}

1315 1316
/* This function needs to check if the ciphers required are actually
 * available */
U
Ulf Möller 已提交
1317
SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
1318 1319 1320 1321 1322 1323 1324 1325 1326
	{
	static int init=1;
	static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
	SSL_CIPHER c,*cp= &c,**cpp;
	unsigned long id;
	int i;

	if (init)
		{
B
Bodo Möller 已提交
1327
		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
1328 1329 1330 1331 1332 1333 1334

		for (i=0; i<SSL3_NUM_CIPHERS; i++)
			sorted[i]= &(ssl3_ciphers[i]);

		qsort(	(char *)sorted,
			SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
			FP_ICC ssl_cipher_ptr_id_cmp);
B
Bodo Möller 已提交
1335 1336 1337 1338

		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);

		init=0;
1339 1340 1341 1342 1343 1344 1345
		}

	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
	c.id=id;
	cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
		(char *)sorted,
		SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
D
 
Dr. Stephen Henson 已提交
1346
		FP_ICC ssl_cipher_ptr_id_cmp);
1347 1348 1349 1350 1351 1352
	if ((cpp == NULL) || !(*cpp)->valid)
		return(NULL);
	else
		return(*cpp);
	}

U
Ulf Möller 已提交
1353
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366
	{
	long l;

	if (p != NULL)
		{
		l=c->id;
		if ((l & 0xff000000) != 0x03000000) return(0);
		p[0]=((unsigned char)(l>> 8L))&0xFF;
		p[1]=((unsigned char)(l     ))&0xFF;
		}
	return(2);
	}

U
Ulf Möller 已提交
1367 1368
SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have,
	     STACK_OF(SSL_CIPHER) *pref)
1369 1370 1371 1372 1373 1374
	{
	SSL_CIPHER *c,*ret=NULL;
	int i,j,ok;
	CERT *cert;
	unsigned long alg,mask,emask;

1375 1376
	/* Let's see which ciphers we can support */
	cert=s->cert;
1377

B
Ben Laurie 已提交
1378
	sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
1379

B
Ben Laurie 已提交
1380
#ifdef CIPHER_DEBUG
1381 1382
        printf("Have %d from %p:\n", sk_SSL_CIPHER_num(pref), pref);
        for(i=0 ; i < sk_SSL_CIPHER_num(pref) ; ++i)
B
Ben Laurie 已提交
1383
	    {
1384
	    c=sk_SSL_CIPHER_value(pref,i);
B
Ben Laurie 已提交
1385 1386 1387 1388
	    printf("%p:%s\n",c,c->name);
	    }
#endif

B
Ben Laurie 已提交
1389
	for (i=0; i<sk_SSL_CIPHER_num(have); i++)
1390
		{
B
Ben Laurie 已提交
1391
		c=sk_SSL_CIPHER_value(have,i);
1392

1393
		ssl_set_cert_masks(cert,c);
1394 1395 1396
		mask=cert->mask;
		emask=cert->export_mask;
			
1397 1398 1399 1400
#ifdef KSSL_DEBUG
		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
#endif    /* KSSL_DEBUG */

1401
		alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1402
		if (SSL_C_IS_EXPORT(c))
1403 1404 1405
			{
			ok=((alg & emask) == alg)?1:0;
#ifdef CIPHER_DEBUG
B
Ben Laurie 已提交
1406 1407
			printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
			       c,c->name);
1408 1409 1410 1411 1412 1413
#endif
			}
		else
			{
			ok=((alg & mask) == alg)?1:0;
#ifdef CIPHER_DEBUG
B
Ben Laurie 已提交
1414 1415
			printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
			       c->name);
1416 1417 1418 1419 1420
#endif
			}

		if (!ok) continue;
	
B
Ben Laurie 已提交
1421
		j=sk_SSL_CIPHER_find(pref,c);
1422 1423
		if (j >= 0)
			{
B
Ben Laurie 已提交
1424
			ret=sk_SSL_CIPHER_value(pref,j);
1425 1426 1427 1428 1429 1430
			break;
			}
		}
	return(ret);
	}

U
Ulf Möller 已提交
1431
int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
1432 1433 1434 1435 1436 1437 1438 1439 1440
	{
	int ret=0;
	unsigned long alg;

	alg=s->s3->tmp.new_cipher->algorithms;

#ifndef NO_DH
	if (alg & (SSL_kDHr|SSL_kEDH))
		{
1441
#  ifndef NO_RSA
1442
		p[ret++]=SSL3_CT_RSA_FIXED_DH;
1443 1444
#  endif
#  ifndef NO_DSA
1445
		p[ret++]=SSL3_CT_DSS_FIXED_DH;
1446
#  endif
1447
		}
1448 1449
	if ((s->version == SSL3_VERSION) &&
		(alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
1450
		{
1451
#  ifndef NO_RSA
1452
		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
1453 1454
#  endif
#  ifndef NO_DSA
1455
		p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
1456
#  endif
1457 1458 1459 1460 1461
		}
#endif /* !NO_DH */
#ifndef NO_RSA
	p[ret++]=SSL3_CT_RSA_SIGN;
#endif
1462
#ifndef NO_DSA
1463
	p[ret++]=SSL3_CT_DSS_SIGN;
1464
#endif
1465 1466 1467
	return(ret);
	}

U
Ulf Möller 已提交
1468
int ssl3_shutdown(SSL *s)
1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482
	{

	/* Don't do anything much if we have not done the handshake or
	 * we don't want to send messages :-) */
	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
		{
		s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
		return(1);
		}

	if (!(s->shutdown & SSL_SENT_SHUTDOWN))
		{
		s->shutdown|=SSL_SENT_SHUTDOWN;
#if 1
1483
		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497
#endif
		/* our shutdown alert has been sent now, and if it still needs
	 	 * to be written, s->s3->alert_dispatch will be true */
		}
	else if (s->s3->alert_dispatch)
		{
		/* resend it if not sent */
#if 1
		ssl3_dispatch_alert(s);
#endif
		}
	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
		{
		/* If we are waiting for a close from our peer, we are closed */
B
Bodo Möller 已提交
1498
		ssl3_read_bytes(s,0,NULL,0,0);
1499 1500 1501 1502 1503 1504 1505 1506 1507
		}

	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
		!s->s3->alert_dispatch)
		return(1);
	else
		return(0);
	}

B
Ben Laurie 已提交
1508
int ssl3_write(SSL *s, const void *buf, int len)
1509 1510 1511 1512 1513 1514 1515 1516 1517 1518
	{
	int ret,n;

#if 0
	if (s->shutdown & SSL_SEND_SHUTDOWN)
		{
		s->rwstate=SSL_NOTHING;
		return(0);
		}
#endif
1519 1520
	clear_sys_error();
	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532

	/* This is an experimental flag that sends the
	 * last handshake message in the same packet as the first
	 * use data - used to see if it helps the TCP protocol during
	 * session-id reuse */
	/* The second test is because the buffer may have been removed */
	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
		{
		/* First time through, we write into the buffer */
		if (s->s3->delay_buf_pop_ret == 0)
			{
			ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
B
Ben Laurie 已提交
1533
					     buf,len);
1534 1535 1536 1537 1538 1539 1540 1541 1542 1543
			if (ret <= 0) return(ret);

			s->s3->delay_buf_pop_ret=ret;
			}

		s->rwstate=SSL_WRITING;
		n=BIO_flush(s->wbio);
		if (n <= 0) return(n);
		s->rwstate=SSL_NOTHING;

1544 1545 1546 1547
		/* We have flushed the buffer, so remove it */
		ssl_free_wbio_buffer(s);
		s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;

1548 1549 1550 1551 1552 1553
		ret=s->s3->delay_buf_pop_ret;
		s->s3->delay_buf_pop_ret=0;
		}
	else
		{
		ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
B
Ben Laurie 已提交
1554
				     buf,len);
1555 1556
		if (ret <= 0) return(ret);
		}
1557

1558 1559 1560
	return(ret);
	}

B
Bodo Möller 已提交
1561
static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
1562
	{
1563 1564 1565 1566 1567
	int ret;
	
	clear_sys_error();
	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
	s->s3->in_read_app_data=1;
B
Bodo Möller 已提交
1568
	ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1569 1570
	if ((ret == -1) && (s->s3->in_read_app_data == 0))
		{
1571 1572 1573 1574 1575 1576
		/* ssl3_read_bytes decided to call s->handshake_func, which
		 * called ssl3_read_bytes to read handshake data.
		 * However, ssl3_read_bytes actually found application data
		 * and thinks that application data makes sense here (signalled
		 * by resetting 'in_read_app_data', strangely); so disable
		 * handshake processing and try to read application data again. */
1577
		s->in_handshake++;
B
Bodo Möller 已提交
1578
		ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1579 1580 1581 1582 1583 1584
		s->in_handshake--;
		}
	else
		s->s3->in_read_app_data=0;

	return(ret);
1585 1586
	}

B
Bodo Möller 已提交
1587
int ssl3_read(SSL *s, void *buf, int len)
1588
	{
B
Bodo Möller 已提交
1589 1590
	return ssl3_read_internal(s, buf, len, 0);
	}
1591

B
Bodo Möller 已提交
1592 1593
int ssl3_peek(SSL *s, char *buf, int len)
	{
B
typo  
Bodo Möller 已提交
1594
	return ssl3_read_internal(s, buf, len, 1);
1595 1596
	}

U
Ulf Möller 已提交
1597
int ssl3_renegotiate(SSL *s)
1598 1599 1600 1601 1602 1603 1604
	{
	if (s->handshake_func == NULL)
		return(1);

	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
		return(0);

1605
	s->s3->renegotiate=1;
1606 1607 1608
	return(1);
	}

U
Ulf Möller 已提交
1609
int ssl3_renegotiate_check(SSL *s)
1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620
	{
	int ret=0;

	if (s->s3->renegotiate)
		{
		if (	(s->s3->rbuf.left == 0) &&
			(s->s3->wbuf.left == 0) &&
			!SSL_in_init(s))
			{
/*
if we are the server, and we have sent a 'RENEGOTIATE' message, we
U
Ulf Möller 已提交
1621
need to go to SSL_ST_ACCEPT.
1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633
*/
			/* SSL_ST_ACCEPT */
			s->state=SSL_ST_RENEGOTIATE;
			s->s3->renegotiate=0;
			s->s3->num_renegotiations++;
			s->s3->total_renegotiations++;
			ret=1;
			}
		}
	return(ret);
	}